GNU Bison 3.7 has a use after free (UAF) vulnerability. A local attacker may execute bison with crafted input file containing a NULL byte, which could triggers UAF and thus cause system crash. CREATE(Triage):(User=admin) [CVE-2020-24240|https://nvd.nist.gov/vuln/detail/CVE-2020-24240]